Tuesday, October 02, 2007

The Dynamics of the Malware Industry - Proprietary Malware Tools

The Underground Economy's Supply of Goods and Services The demand for private malware tools such as crypters, loaders and droppers is i...
Monday, October 01, 2007

Love is a Psychedelic Too

Compared to a previous example of an over-performing image spammer whose efforts to bypass spam filters make it virtually impossible for so...
Sunday, September 30, 2007

Don't Play Poker on an Infected Table

The scammy Euro VIP Casino is making another round this afternoon and trying to entice the spammed European users into downloading its soft...

Zero Day Vulnerabilities Market Model Gone Wrong

It's one thing to allow legitimate buyers, presumably the affected vendors themselves to bid for a zero day vulnerability discovered wi...
Saturday, September 29, 2007

DIY Chinese Passwords Stealer

This DIY passwords stealer courtesy of a chinese hacking group is pitched as Vista Compatible, with a server size in less than 20kb, process...

A New DDoS Malware Kit in the Wild

On the majority of occasions, malware authors either put efforts into implementing a set of standard features within a malware enabling them...
Friday, September 28, 2007

Syrian Embassy in London Serving Malware

After Bank of India was serving malware in August, next to the U.S Consulate in St.Petersburg two days later in September, now the Syrian ...
Thursday, September 27, 2007

Syrian Embassy in London Serving Malware

After Bank of India was serving malware in August, next to the U.S Consulate in St.Petersburg two days later in September, now the Syrian Em...
Wednesday, September 26, 2007

A New Issue of (IN)Secure Magazine "in the Wild"

(IN)Secure Magazine's Issue 13 was released yesterday, and as always is definitely worth printing out. What is (IN)Secure Magazine? (IN...

China's Cyber Espionage Ambitions

Must have been slow news week, so slow that all of a sudden Germany , the U.K , France , New Zealand , and the U.S got hacked by China'...

Localizing Open Source Malware

Can you find the differences in this piece of malware compared to the previous open source one I covered recently? Besides its localization...
Monday, September 24, 2007

The Dark Web and Cyber Jihad

It's interesting to monitor the use and abuse of the buzz word " Dark Web ". This press release for instance, tries to imply t...
Friday, September 21, 2007

The Truth Serum - Have a Drink!

Which security vendor would you rather choose if you were to ignore your current Return on Security Investment model ? The one telling you ...
Thursday, September 20, 2007

DIY Phishing Kit Goes 2.0

With the release of the second version of the DIY phishing kit that I covered in a previous post, next to commentary on another one and a ...
Wednesday, September 19, 2007

Custom DDoS Capabilities Within a Malware

DDoS capabilities within a malware are nothing new and are in fact becoming a commodity feature, but compared to the average DDoS-ers with ...

Two Cyber Jihadist Blogs Now Offline

Jihad Fields are Calling and The Ignored Puzzle of Knowledge are down, apparently the authors themselves decided to delete them compared t...
Monday, September 17, 2007

A Chinese Malware Downloader in the Wild

This is an example of a recently released in the wild DIY downloader with rather average features such as the ability for the malware author...

PayPal and Ebay Phishing Domains

As I needed another benchmark for a creative typosquatting next to my best finding of this World of Warcraft domain scam , I stumbled upon t...

Storm Worm's DDoS Attitude - Part Two

After commenting on Storm Worm's logical connection with the recent DDoS attacks against anti-scam web sites , SecureWorks timely releas...
Friday, September 14, 2007

U.S Consulate St. Petersburg Serving Malware

If that's not a pattern and good timing, it's a malicious anomaly. On the 31 of August, 2007, Bank of India was serving malware cou...